Risk Management File - Procedure Packs


Involved In Discussions
Good afternoon,

I have a question surrounding the Risk Management File.

We are Manufacturers of Sterile Single Use Procedure Packs. Do we need a Risk Management File for each Device? Or is it enough to create a Risk Management for a Procedure Pack as all hazards etc are the same for each Device?


Trusted Information Resource
It is common that "families" of devices leverage a common set of RM files... be sensitive to the possibility that different members of a family may have different Severity Ratings/P1/P2, Risk Controls, Implementations and Measures of Effectiveness, and that you didn't "forget" to provide coverage (in the RM files) for all members of the family.

In this case, you probably need to make sure that the sterilization methods are appropriate for all members of the family and provide equivalent measures of risk controls, even if there are only a handful of "lines" in the RM file for certain hazards relating to infection.


Quite Involved in Discussions
Surely you can produce one Risk Management File with the relevant documents addressing the range of products? So long as each is mentioned and any differences identified, I cannot see why this would be unacceptable. There's nothing in the Standards/Regulations that I am aware of that states that any RM document has to be unique to a single product


Quite Involved in Discussions
Note: My response is solely around EU requirements on procedure packs.

My understanding of procedure packs is that they are collations of devices that already bear the CE marking with an intended use of their own, that are intended to be used together.
Whilst the definition in the MDR

‘procedure pack’ means a combination of products packaged together and placed on the market with the purpose of being used for a specific medical purpose;

is vague enough that it could be considered that any combination of products packaged together could be a procedure pack without having been assessed as a device anyway, Article 22(4) clarifies that.

4. Where the system or procedure pack incorporates devices which do not bear the CE marking or where the chosen combination of devices is not compatible in view of their original intended purpose, or where the sterilisation has not been carried out in accordance with the manufacturer's instructions, the system or procedure pack shall be treated as a device in its own right and shall be subject to the relevant conformity assessment procedure pursuant to Article 52. The natural or legal person shall assume the obligations incumbent on manufacturers.

As such I would expect each device in a procedure pack to have its own risk file anyway - and the relevant declaration regarding the procedure pack drawn up in line with this.
I would personally find that preparing a risk file for each device within the procedure packs in isolation and then a verification of compatibility exercise more comprehensive and, whilst likely more administration, far easier to manage.

I've not prepared risk files for procedure packs I've been a part of placing on the market before and never had any issues - though this has only been a handful of packs at a handful of manufacturers.
Top Bottom